AuthSec SDK for MCP auth, services, CIBA, and SPIFFE integration

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for authsec_sdk from gravatar.com authsec_sdk

Unverified details

These details have not been verified by PyPI
Meta
  • Author: AuthSec Team
  • Tags authsec , mcp , oauth , rbac , spiffe , ciba , authentication , authorization
  • Requires: Python >=3.10.11
Report project as malware

Project description

AuthSec Python SDK (authsec-sdk)

Add OAuth + authorization enforcement to MCP tools.

Install

python3 -m pip install authsec-sdk

Import path:

from authsec_sdk import protected_by_AuthSec, run_mcp_server_with_oauth

Legacy import path is also supported in this release:

from AuthSec_SDK import protected_by_AuthSec, run_mcp_server_with_oauth

Minimal Integration (your MCP server)

from authsec_sdk import mcp_tool, protected_by_AuthSec, run_mcp_server_with_oauth


@mcp_tool(
    name="ping",
    description="Health check",
    inputSchema={"type": "object", "properties": {}, "required": []},
)
async def ping(arguments: dict) -> list:
    return [{"type": "text", "text": "pong"}]


@protected_by_AuthSec(
    tool_name="delete_invoice",
    permissions=["tool:delete_invoice"],  # optional; remove for auth-only
    require_all=True,
    description="Delete invoice",
    inputSchema={
        "type": "object",
        "properties": {
            "invoice_id": {"type": "string"},
            "session_id": {"type": "string"},
        },
        "required": ["invoice_id"],
    },
)
async def delete_invoice(arguments: dict) -> list:
    user = (arguments.get("_user_info") or {}).get("email_id", "unknown")
    return [{"type": "text", "text": f"Deleted {arguments.get('invoice_id')} by {user}"}]


if __name__ == "__main__":
    import __main__

    run_mcp_server_with_oauth(
        user_module=__main__,
        client_id="YOUR_CLIENT_ID",
        app_name="my-mcp-server",
        host="127.0.0.1",
        port=3005,
    )

Run

python3 server.py

Optional endpoint overrides (self-hosted gateway):

export AUTHSEC_AUTH_SERVICE_URL="http://localhost:8000/sdkmgr/mcp-auth"
export AUTHSEC_SERVICES_URL="http://localhost:8000/sdkmgr/services"
python3 server.py

Verify

npx @modelcontextprotocol/inspector http://127.0.0.1:3005

Flow:

  • Call oauth_start
  • Complete login in browser
  • Call your protected tool with session_id

Troubleshooting

  • ModuleNotFoundError: No module named 'authsec_sdk'
    • You are using a different Python than the one where you installed the package. Use python3 -m pip ... and run with the same python3.
  • ModuleNotFoundError: No module named 'AuthSec_SDK'
    • Upgrade to this release (4.0.1+) or use canonical import authsec_sdk.
  • Server exits with cleanup event-loop error on Ctrl+C
    • Fixed in this release (4.0.1+).

Publishing (maintainer)

  1. Set credentials:
export TWINE_USERNAME="__token__"
export TWINE_PASSWORD="pypi-..."
  1. Build and upload:
cd /absolute/path/to/sdk-authsec/packages/python-sdk
python3 -m pip install --upgrade build twine
python3 -m build
python3 -m twine check dist/*
# Optional TestPyPI:
# python3 -m twine upload --repository testpypi dist/*
# Publish:
python3 -m twine upload dist/*

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for authsec_sdk from gravatar.com authsec_sdk

Unverified details

These details have not been verified by PyPI
Meta
  • Author: AuthSec Team
  • Tags authsec , mcp , oauth , rbac , spiffe , ciba , authentication , authorization
  • Requires: Python >=3.10.11

Release history Release notifications | RSS feed

4.3.2

4.3.1

4.3.0

4.1.3

4.1.2

4.1.1

4.1.0

4.0.5

4.0.2

This version

4.0.1

4.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

authsec_sdk-4.0.1.tar.gz (27.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

authsec_sdk-4.0.1-py3-none-any.whl (30.6 kB view details)

Uploaded Python 3

File details

Details for the file authsec_sdk-4.0.1.tar.gz.

File metadata

  • Download URL: authsec_sdk-4.0.1.tar.gz
  • Upload date:
  • Size: 27.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.1

File hashes

Hashes for authsec_sdk-4.0.1.tar.gz
Algorithm Hash digest
SHA256 52c8a36619062c6ff4a6463868f0aa7b5cbc904909e98c3edaa9f99ea2fc7360
MD5 9f811c33de5a342b38f6a97c9267ec39
BLAKE2b-256 c894f3495d88433fdd9f6de1d4bc5210bd1c2a27c028070404c4a40c3ef36247

See more details on using hashes here.

File details

Details for the file authsec_sdk-4.0.1-py3-none-any.whl.

File metadata

  • Download URL: authsec_sdk-4.0.1-py3-none-any.whl
  • Upload date:
  • Size: 30.6 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.1

File hashes

Hashes for authsec_sdk-4.0.1-py3-none-any.whl
Algorithm Hash digest
SHA256 e9828f26fcca574ba9c56ffc1f26c1729f16fbe6d39ec7bce7ec4637a040919a
MD5 fed16c25997701989801eee68b1b1e11
BLAKE2b-256 757dd7d81fbfbfa48e81cb7d6bdaf71f460bed4f682067afb4e177c3c7d81753

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page